2 matches found
CVE-2017-2212
CVE-2017-2212 affects TKY2JGD1379.EXE (TKY2JGD version 1.3.79). The untrusted search path vulnerability (CWE-427) in the installer may allow an attacker to gain privileges by placing a malicious DLL in a directory searched by the installer, enabling arbitrary code execution with the caller’s priv...
JVN#52691241: Multiple installers of the software provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries
Multiple installers of the software provided by Geospatial Information Authority of Japan GSI contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer...